How to use Magento 2 API

Magento API is a type of framework that offers developers and integrators a good method to maximize web services which communicate well with the Magneto system. Amongst the primary features are supports for SOAP (Simple Object Access Protocol) and REST (Representation State Transfer). The coverage is just the same for both SOAP and REST in Magento 2.
There are 3 kinds of authentication:

The mobile applications authenticating via tokens

The 3rd party applications authenticating via Oath 1.0a.

The authentication of customers and admins via login credentials.

Each account and integration serves as assigned sources which they can access. The API framework monitors the calls to check if the account is authorized to do the request.

Each Magento or 3rd party service could be configured into a web API via xml.

In order to configure the web API, you need to define XML attributes and elements in a webapi.xml configuration file. Once the service isn’t defined in a configuration file, it won’t be displayed.

/>

The framework is anchored upon the CRUD model, which stands for Create, Read, Update, and Delete. The system doesn’t support any webhook.

The framework, however, supports web API responses’ field filtering in order to better conserve the mobile bandwidth.

Web API’s integration style helps a web API to operate numerous services simultaneously to promote efficiency. The Magento APIs could be used to execute tasks like:

Creating a shopping application and the traditional type of application which can be downloaded to a mobile phone or device. This application can be utilized by the employees in a showroom to smoothen the customer's shopping experience.

API Methods

The following table contains the API methods that can be called from your SOAP or XML-RPC client on the Magento v1 API.

Method

Description

Return Value

startSession()

Start the API session and return session ID.

string

endSession(sessionId)

End the API session.

boolean

login(apiUser, apiKey)

Start the API session, return the session ID, and authorize the API user.

string

call(sessionId, resourcePath,array arguments)

Call the API resource that is allowed in the current session. See Note below.

mixed

multiCall(sessionId, array calls,array options)

Call the API resource’s methods that are allowed for current session. See Notes below.

array

resources(sessionId)

Return a list of available API resources and methods allowed for the current session.

array

globalFaults(sessionId)

Return a list of fault messages and their codes that do not depend on any resource.

array

resourceFaults(sessionId, resourceName)

Return a list of the specified resource fault messages, if this resource is allowed in the current session.

array

Note: For call and multiCall, if no session is specified, you can call only resources that are not protected by ACL.

Note: For multiCall, if the "break" option is specified, multiCall breaks on first error.
The Magento SOAP API v2 does not support the call() and multiCall() methods, and instead provides a separate method for each API resource.

Global API Faults

The following table contains fault codes that apply to all SOAP/XML-RPC API calls.

Fault Code

Fault Message

0

Unknown Error

1

Internal Error. Please see log for details.

2

Access denied.

3

Invalid api path.

4

Resource path is not callable.

SOAP API Version v2

Since Magento 1.3, version v2 of the SOAP API has also been available. The main difference between v1 and v2 is that instead of using the methods call and multiCall, it has separate methods for each of the actions.
For example, consider the following PHP code using SOAP v1.